Think You’re Secure? Think Again.

Think You’re Secure? Think Again.

We’ve all heard the endless stories of unscrupulous individuals hacking their way into computer networks and Web sites to steal personal information and credit card numbers, or simply wreak havoc on a company. The first quarter of 2013 saw an unprecedented number of data breaches reported in both the public and private sectors of the US economy. Additionally the cost of remediation per breached record has substantially increased.

thinker

Organizations are increasingly concerned that historical industry best practices are being stressed by the acceleration of new malware and Advanced Persistent Threats (APT). The insider threat has primarily morphed into phishing attacks and APT’s which leverage multiple internal security flaws and vulnerabilities to inject an attack and use that as an exploit to ex-filtrate data and/or intellectual property un-detected.

But you made sure that a state-of-the-art security “system” was in place for your company – a cyber attack or security breach could never happen to your business. Right?

Think again. The security of your IT assets and infrastructure is vital, and ensuring that you have an up-to-date and robust system is the key to that success.

The Security Process

Today, with the advent of APTs attackers are laser-focused on multi-pronged exploits that steal data or wreak havoc.  Security is horizontal … it covers all IT infrastructure. The result is that security infrastructure becomes much more complex and fragmented. Attackers don’t discriminate and will take advantage of any gap in protection to reach their end goal. The bad guys continually evolve and innovate. All potential threat vectors need to be examined and addressed.

Chances are that when the IT infrastructure was originally deployed it was secure, clean and, organized. But as weeks, months, and even years pass, tactical changes in technology and the IT environment have probably occurred, weakening the security posture and opening it up to attack. Without a proactive but practical security strategy and processes in place that routinely deploy within a security model,  identify controls, mitigate new technologies, and upgrades … the system will inevitably become vulnerable and fail.

There aren’t enough hours in the day, IT security teams have too many other responsibilities to be able to address today’s barrage of attacks with manual approaches. The ability to reduce labor intensive tasks and streamline processes with automation is essential. Holistic consolidation, integration, organization and … automation leveraging refresh and upgrades to evolve iteratively towards a cohesive Secure Immune Security System is a must in order to cope.

bacteria-generic-110121-02

Secure Immune Security System

How do organizations cut through the hype, filter the noise … of fear, uncertainty and, doubt (FUD) and deal with real and present threats? How do organizations develop an affordable Secure Immune Security System that supports the business based on resource profile and — enables it to grow competitively while managing risk and protecting critical assets? How do organizations develop a continuous cycle to consolidate, integrate and organize mission critical infrastructure into a sustainable core while still enabling some healthy chaos and innovation on the edge?

This series of articles will seek to help organizations, big or small have the practical process, technology and strategy needed to ensure Proactive Defensible Security Posture. A defensible security posture leveraging a Secure Immune Security system together with strong Security Infrastructure Operations Management and refreshed by an Adaptive Security Architecture Lifecycle provides the confidence that your systems are safe or — if a breach does occur to effectively: Protect, Detect, Contain, Eradicate, Recover.

During an attack, the ability to continuously detect threats and block them is critical. After an attack, marginalizing the impact becomes the priority. To do this defenders need to take a proactive stance with retrospective security, the ability to identify the root cause, understand the scope of the damage, contain the event, eliminate the risk of re-infection, remediate it and bring operations back to normal.

pc_vs_network_vs_mobile

Simplicity the Path to Better Security

The secret to success in security is typically simplicity, to have a well designed and organized infrastructure that provides the appropriate layer of controls while enabling users a consistent ‘policy managed’ experience regardless of location, transport or device. The challenge is in achieving that goal. Stay tuned for more information on lessons learned and experience from the field, success stories and, practical case studies. Coming soon the Security Architecture, Strategy and, Roadmap series.

Thank you for your interest.

Nige the Security Guy.

Advertisements

About secureadvisor
Security Guy

10 Responses to Think You’re Secure? Think Again.

  1. Craig says:

    Another well articulated reinforcement of the strategies and process to a more secure environment from within and from outside the organizations network. I look forward to each installment in this series. Thank you, Craig

  2. Pingback: Security Series Master Index | Nige the Security Guy

  3. Pingback: Architecture Case Study – Part 1 | Nige the Security Guy

  4. Pingback: Architecture Case Study – Part 2 | Nige the Security Guy

  5. Pingback: Security Program Best-Practices 3 | Nige the Security Guy

  6. Pingback: Advanced Threat Defense – Part 1 | Nige the Security Guy

  7. Would enjoy to take this up as a profession, I have started to do a little bit of bit much more filling in my
    extra time yet when I review things such as
    this its a tip I still have a great deal to know

  8. Pingback: Security Architecture Series Guide | Nige the Security Guy

  9. testing says:

    Howdy! Do you know if they make any plugins to protect
    against hackers? I’m kinda paranoid about losing everything
    I’ve worked hard on. Any suggestions?

    • Sadly the opposite is true, that you need to be careful what plugins you use. If you use plugins you want to keep an eye on any alerts since there have been a few recently that can lead to compromise. My advice would be to limit plugins as much as possible, monitor those that you use and, use good authentication. I tend to save my posts via my browser as a web archive (.MHT) so I at least have the text and graphics.

      Hope this helps.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: